Released under the GNU General Public License
*/
require 'includes/application_top.php';
require 'includes/classes/http_client.php';
// if the customer is not logged on, redirect them to the login page
if (!tep_session_is_registered('customer_id')) {
$navigation->set_snapshot();
tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
}
require DIR_WS_LANGUAGES . $language . '/' . FILENAME_GV_SEND;
if ($_POST['back_x'] || $_POST['back_y']) {
$_GET['action'] = '';
}
if ($_GET['action'] == 'send') {
$error = false;
if (!tep_validate_email(trim($_POST['email']))) {
$error = true;
$error_email = ERROR_ENTRY_EMAIL_ADDRESS_CHECK;
}
$gv_query = tep_db_query("select amount from " . TABLE_COUPON_GV_CUSTOMER . " where customer_id = '" . $customer_id . "'");
$gv_result = tep_db_fetch_array($gv_query);
$customer_amount = $gv_result['amount'];
$gv_amount = trim($_POST['amount']);
if (ereg('[^0-9/.]', $gv_amount)) {
$error = true;
$error_amount = ERROR_ENTRY_AMOUNT_CHECK;
}
if ($gv_amount > $customer_amount || $gv_amount == 0) {
$error = true;
$error_amount = ERROR_ENTRY_AMOUNT_CHECK;
}
function processCheckout()
{
global $customer_id, $comments, $coupon, $order, $currencies, $request_type, $languages_id, $currency, $customer_shopping_points_spending, $customer_referral, $cart_PayPal_Standard_ID, $cart_PayPal_IPN_ID, $cart_Worldpay_Junior_ID, $shipping, $cartID, $order_total_modules, $onepage, $credit_covers, $payment, $payment_modules;
$this->checkCartValidity();
$comments = tep_db_prepare_input($_POST['comments']);
if (!tep_session_is_registered('comments')) {
tep_session_register('comments');
}
$onepage['customer']['comments'] = $_POST['comments'];
//BOF KGT
if (MODULE_ORDER_TOTAL_DISCOUNT_COUPON_STATUS == 'true') {
$onepage['info']['coupon'] = $order->info['coupon'];
}
//EOF KGT
$lists = PHPLIST_LISTNUMBERS;
$lists = explode(';', $lists);
foreach ($lists as $key => $list) {
if (isset($_POST['newsletters_' . $list])) {
$onepage['customer']['newsletters'][] = $_POST['newsletters_' . $list];
}
}
$onepage['customer']['newsletter'] = isset($_POST['billing_newsletter']) ? $_POST['billing_newsletter'] : '0';
$order->customer = array_merge($order->customer, $onepage['customer']);
if (tep_session_is_registered('customer_id')) {
$onepage['createAccount'] = false;
} else {
if (tep_not_null($_POST['password'])) {
$onepage['createAccount'] = true;
$onepage['customer']['password'] = $_POST['password'];
$this->createCustomerAccount();
} elseif (ONEPAGE_ACCOUNT_CREATE == 'create') {
$onepage['createAccount'] = true;
$onepage['customer']['password'] = tep_create_random_value(ENTRY_PASSWORD_MIN_LENGTH);
$this->createCustomerAccount();
}
}
$payment_modules->update_status();
$paymentMethod = $onepage['info']['payment_method'];
##### Points/Rewards Module V2.1rc2a check for error BOF #######
if (USE_POINTS_SYSTEM == 'true' && USE_REDEEM_SYSTEM == 'true') {
if (isset($_POST['customer_shopping_points_spending']) && is_numeric($_POST['customer_shopping_points_spending']) && $_POST['customer_shopping_points_spending'] > 0) {
$customer_shopping_points_spending = false;
if ($_POST['customer_shopping_points_spending'] > tep_get_shopping_points($customer_id)) {
$_POST['customer_shopping_points_spending'] = tep_get_shopping_points($customer_id);
}
$customer_shopping_points = tep_get_shopping_points();
$max_points = calculate_max_points($customer_shopping_points);
if ($points > $max_points) {
$points = $max_points;
}
if (tep_calc_shopping_pvalue($_POST['customer_shopping_points_spending']) < $order->info['total'] && ($paymentMethod == '' || $paymentMethod == 'credit_covers')) {
$customer_shopping_points_spending = false;
tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(REDEEM_SYSTEM_ERROR_POINTS_NOT), 'SSL'));
} else {
$customer_shopping_points_spending = $_POST['customer_shopping_points_spending'];
if (!tep_session_is_registered('customer_shopping_points_spending')) {
tep_session_register('customer_shopping_points_spending');
}
}
}
if (tep_not_null(USE_REFERRAL_SYSTEM)) {
if (isset($_POST['customer_referred']) && tep_not_null($_POST['customer_referred'])) {
$customer_referral = false;
$check_mail = trim($_POST['customer_referred']);
if (tep_validate_email($check_mail) == false) {
tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(REFERRAL_ERROR_NOT_VALID), 'SSL'));
} else {
$valid_referral_query = tep_db_query("select customers_id from " . TABLE_CUSTOMERS . " where customers_email_address = '" . $check_mail . "' limit 1");
$valid_referral = tep_db_fetch_array($valid_referral_query);
if (!tep_db_num_rows($valid_referral_query)) {
tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(REFERRAL_ERROR_NOT_FOUND), 'SSL'));
}
if ($check_mail == $order->customer['email_address']) {
tep_redirect(tep_href_link(FILENAME_CHECKOUT_PAYMENT, 'error_message=' . urlencode(REFERRAL_ERROR_SELF), 'SSL'));
} else {
$customer_referral = $valid_referral['customers_id'];
if (!tep_session_is_registered('customer_referral')) {
tep_session_register('customer_referral');
}
}
}
}
}
}
##### Points/Rewards Module V2.1rc2a check for error EOF #######
if (MODULE_ORDER_TOTAL_COUPON_STATUS == 'true') {
// Start - CREDIT CLASS Gift Voucher Contribution
if ($credit_covers) {
$paymentMethod = 'credit_covers';
}
unset($_POST['gv_redeem_code']);
unset($HTTP_POST_VARS['gv_redeem_code']);
$order_total_modules->collect_posts();
$order_total_modules->pre_confirmation_check();
// End - CREDIT CLASS Gift Voucher Contribution
}
if ($order->info['total'] <= 0) {
$payment = '';
$paymentMethod = '';
$onepage['info']['payment_method'] = '';
//$onepage['info']['order_id'] = '';
}
$html = '';
$hiddenFields = '';
$infoMsg = 'Please press the continue button to confirm your order.';
$formUrl = tep_href_link(FILENAME_CHECKOUT_PROCESS, '', $request_type);
if ($paymentMethod != '' && $paymentMethod != 'credit_covers') {
if (tep_not_null($GLOBALS[$paymentMethod]->form_action_url)) {
$formUrl = $GLOBALS[$paymentMethod]->form_action_url;
$infoMsg = 'Please press the continue button to proceed to the payment processors page.';
}
$GLOBALS[$paymentMethod]->pre_confirmation_check();
$GLOBALS[$paymentMethod]->confirmation();
if (tep_session_is_registered('cart_PayPal_IPN_ID')) {
$onepage['info']['order_id'] = substr($cart_PayPal_IPN_ID, strpos($cart_PayPal_IPN_ID, '-') + 1);
}
if (tep_session_is_registered('cart_PayPal_Standard_ID')) {
$onepage['info']['order_id'] = substr($cart_PayPal_Standard_ID, strpos($cart_PayPal_Standard_ID, '-') + 1);
}
if (tep_session_is_registered('cart_Worldpay_Junior_ID')) {
$onepage['info']['order_id'] = substr($cart_Worldpay_Junior_ID, strpos($cart_Worldpay_Junior_ID, '-') + 1);
}
$hiddenFields = $GLOBALS[$paymentMethod]->process_button();
if (!tep_not_null($hiddenFields)) {
foreach ($_POST as $varName => $val) {
if (is_array($_POST[$varName])) {
foreach ($_POST[$varName] as $varName2 => $val2) {
$hiddenFields .= tep_draw_hidden_field($varName2, $val2);
}
} else {
$hiddenFields .= tep_draw_hidden_field($varName, $val);
}
}
}
}
/*
$html .= '<form name="redirectForm" action="' . $formUrl . '" method="POST">
<noscript>' .
$infoMsg .
tep_image_submit('button_continue.gif', IMAGE_CONTINUE) .
'</noscript>' .
tep_image_submit('button_continue.gif', IMAGE_CONTINUE, 'style="display:none;"') .
$hiddenFields .
'<script>
document.write(\'<img src="' . DIR_WS_IMAGES . 'ajax-loader.gif"><br>Processing Order, Please Wait...\');
redirectForm.submit();
</script></form>';
*/
$html .= '<form name="redirectForm" action="' . $formUrl . '" method="POST">
<noscript>' . $infoMsg . '<input type="submit" value="' . IMAGE_CONTINUE . '" class="button-a" /></noscript>
<input type="submit" value="' . IMAGE_CONTINUE . '" class="button-a" style="display:none;" />' . $hiddenFields . '<script>
document.write(\'<div style="width:100%;height:100%;margin-left:auto;margin-top:100px;color:#5d5d5d;font-family:Tahoma, Geneva, sans-serif;font-size:12px;text-align:center"><img src="' . DIR_WS_HTTP_CATALOG . DIR_WS_IMAGES . 'ajax-loader.gif"><br>' . Translate('Bezig met de verwerking van uw bestelling. Even geduld...') . '</div>\');
setTimeout("redirectForm.submit()", 3000);
</script></form>';
return $html;
}
Copyright (c) 2012 osCommerce
Released under the GNU General Public License
*/
require 'includes/application_top.php';
require DIR_WS_LANGUAGES . $language . '/' . FILENAME_PASSWORD_RESET;
$error = false;
if (!isset($HTTP_GET_VARS['account']) || !isset($HTTP_GET_VARS['key'])) {
$error = true;
$messageStack->add_session('password_forgotten', TEXT_NO_RESET_LINK_FOUND);
}
if ($error == false) {
$email_address = tep_db_prepare_input($HTTP_GET_VARS['account']);
$password_key = tep_db_prepare_input($HTTP_GET_VARS['key']);
if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH || tep_validate_email($email_address) == false) {
$error = true;
$messageStack->add_session('password_forgotten', TEXT_NO_EMAIL_ADDRESS_FOUND);
} elseif (strlen($password_key) != 40) {
$error = true;
$messageStack->add_session('password_forgotten', TEXT_NO_RESET_LINK_FOUND);
} else {
$check_customer_query = tep_db_query("select c.customers_id, c.customers_email_address, ci.password_reset_key, ci.password_reset_date from " . TABLE_CUSTOMERS . " c, " . TABLE_CUSTOMERS_INFO . " ci where c.customers_email_address = '" . tep_db_input($email_address) . "' and c.customers_id = ci.customers_info_id");
if (tep_db_num_rows($check_customer_query)) {
$check_customer = tep_db_fetch_array($check_customer_query);
if (empty($check_customer['password_reset_key']) || $check_customer['password_reset_key'] != $password_key || strtotime($check_customer['password_reset_date'] . ' +1 day') <= time()) {
$error = true;
$messageStack->add_session('password_forgotten', TEXT_NO_RESET_LINK_FOUND);
}
} else {
$error = true;
function _process()
{
global $messageStack, $osC_Database, $osC_Customer;
if (ACCOUNT_GENDER > 0) {
if (!isset($_POST['gender']) || $_POST['gender'] != 'm' && $_POST['gender'] != 'f') {
$messageStack->add('account_edit', ENTRY_GENDER_ERROR);
}
}
if (!isset($_POST['firstname']) || strlen(trim($_POST['firstname'])) < ACCOUNT_FIRST_NAME) {
$messageStack->add('account_edit', ENTRY_FIRST_NAME_ERROR);
}
if (!isset($_POST['lastname']) || strlen(trim($_POST['lastname'])) < ACCOUNT_LAST_NAME) {
$messageStack->add('account_edit', ENTRY_LAST_NAME_ERROR);
}
if (ACCOUNT_DATE_OF_BIRTH > -1) {
if (isset($_POST['dob_days']) && isset($_POST['dob_months']) && isset($_POST['dob_years']) && checkdate($_POST['dob_months'], $_POST['dob_days'], $_POST['dob_years'])) {
$dob = mktime(0, 0, 0, $_POST['dob_months'], $_POST['dob_days'], $_POST['dob_years']);
} else {
$messageStack->add('account_edit', ENTRY_DATE_OF_BIRTH_ERROR);
}
}
if (!isset($_POST['email_address']) || strlen(trim($_POST['email_address'])) < ACCOUNT_EMAIL_ADDRESS) {
$messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR);
} else {
if (tep_validate_email($_POST['email_address']) == false) {
$messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
} else {
$Qcheck = $osC_Database->query('select customers_id from :table_customers where customers_email_address = :customers_email_address and customers_id != :customers_id limit 1');
$Qcheck->bindTable(':table_customers', TABLE_CUSTOMERS);
$Qcheck->bindValue(':customers_email_address', $_POST['email_address']);
$Qcheck->bindInt(':customers_id', $osC_Customer->id);
$Qcheck->execute();
if ($Qcheck->numberOfRows() > 0) {
$messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
}
$Qcheck->freeResult();
}
}
if ($messageStack->size('account_edit') === 0) {
$Qcustomer = $osC_Database->query('update :table_customers set customers_gender = :customers_gender, customers_firstname = :customers_firstname, customers_lastname = :customers_lastname, customers_email_address = :customers_email_address, customers_dob = :customers_dob where customers_id = :customers_id');
$Qcustomer->bindTable(':table_customers', TABLE_CUSTOMERS);
$Qcustomer->bindValue(':customers_gender', ACCOUNT_GENDER > -1 && isset($_POST['gender']) && ($_POST['gender'] == 'm' || $_POST['gender'] == 'f') ? $_POST['gender'] : '');
$Qcustomer->bindValue(':customers_firstname', $_POST['firstname']);
$Qcustomer->bindValue(':customers_lastname', $_POST['lastname']);
$Qcustomer->bindValue(':customers_email_address', $_POST['email_address']);
$Qcustomer->bindValue(':customers_dob', ACCOUNT_DATE_OF_BIRTH > -1 ? date('Ymd', $dob) : '');
$Qcustomer->bindInt(':customers_id', $osC_Customer->id);
$Qcustomer->execute();
$Qupdate = $osC_Database->query('update :table_customers_info set customers_info_date_account_last_modified = now() where customers_info_id = :customers_info_id');
$Qupdate->bindTable(':table_customers_info', TABLE_CUSTOMERS_INFO);
$Qupdate->bindInt(':customers_info_id', $osC_Customer->id);
$Qupdate->execute();
// reset the session variables
if (ACCOUNT_GENDER > -1) {
$osC_Customer->setGender($_POST['gender']);
}
$osC_Customer->setFirstName(trim($_POST['firstname']));
$osC_Customer->setLastName(trim($_POST['lastname']));
$osC_Customer->setFullName();
$osC_Customer->setEmailAddress(trim($_POST['email_address']));
$messageStack->add_session('account', SUCCESS_ACCOUNT_UPDATED, 'success');
tep_redirect(tep_href_link(FILENAME_ACCOUNT, '', 'SSL'));
}
}
public function create_customer($data)
{
global $user, $auth, $cart, $customer_id, $currencies;
$errors = array();
$process = true;
$error = false;
//Gender
if ($this->options['customers_gender'] == 'on') {
if (isset($data['gender'])) {
$gender = mysql_real_escape_string($data['gender']);
} else {
$gender = false;
}
}
//Name
if (isset($data['firstname']) || isset($data['lastname'])) {
$name = '';
if ($this->options['customers_firstname'] == 'on') {
$name .= $data['firstname'];
}
if ($this->options['customers_firstname'] == 'on' && $this->options['customers_lastname'] == 'on') {
$name .= ' ';
}
if ($this->options['customers_lastname'] == 'on') {
$name .= $data['lastname'];
}
} else {
if ($data['name']) {
$name = $data['name'];
} else {
if ($data['fullname']) {
$name = $data['fullname'];
}
}
}
if (strlen($name) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$error = true;
$errors['name'] = sprintf(Translate('Uw voornaam moet minstens %s karakters bevatten'), ENTRY_FIRST_NAME_MIN_LENGTH);
}
//Day of birth
if ($this->options['customers_dob'] == 'on') {
$dob = mysql_real_escape_string($data['dob']);
}
//Email adress
if ($this->options['customers_email_address'] == 'on') {
$email_address = mysql_real_escape_string($data['email_address']);
if (tep_validate_email($email_address) == false) {
$error = true;
$errors['email_address'] = Translate('Gelieve een geldig e-mailadres in te geven');
} else {
$check_email_query = tep_db_query("select count(*) as total from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
$check_email = tep_db_fetch_array($check_email_query);
if ($check_email['total'] > 0) {
$error = true;
$errors['email_address_exists'] = Translate('Het ingegeven e-mailadres bestaat al in ons systeem. Gelieve in te loggen of een account te registreren met een ander e-mailadres');
}
}
}
//Company
if ($this->options['entry_company'] == 'on') {
$company = mysql_real_escape_string($data['company']);
}
//BTW nummer
if ($this->options['billing_tva_intracom'] == 'on') {
$btwnr = mysql_real_escape_string($data['btwnr']);
}
//Forum
if (FORUM_ACTIVE == 'true' && FORUM_SYNC_USERS == 'true') {
if (!isset($data['forum_username'])) {
$data['forum_username'] = $name;
}
$forum_username = mysql_real_escape_string($data['forum_username']);
if (strlen($forum_username) < ENTRY_FORUM_USERNAME_MIN_LENGTH) {
$error = true;
$errors['forum_username'] = sprintf(Translate('Uw gebruikersnaam moet minstens %s karakters bevatten'), ENTRY_FORUM_USERNAME_MIN_LENGTH);
}
/*check username*/
$check_username_query = tep_db_query("SELECT user_id FROM " . FORUM_DB_DATABASE . ".users WHERE username_clean = '" . strtolower($forum_username) . "'");
$check_username = tep_db_fetch_array($check_username_query);
if (tep_db_num_rows($check_username_query) > 0) {
$error = true;
$errors['forum_username_exists'] = Translate('Deze gebruikernaam voor het forum is reeds in gebruik.');
}
/*check username*/
$check_email_query = tep_db_query("SELECT user_id FROM " . FORUM_DB_DATABASE . ".users WHERE user_email = '" . strtolower($email_address) . "'");
$check_email = tep_db_fetch_array($check_email_query);
if (tep_db_num_rows($check_email_query) > 0) {
$error = true;
$errors['email_address_exists'] = Translate('Het ingegeven e-mailadres bestaat al in ons systeem. Gelieve in te loggen of een account te registreren met een ander e-mailadres');
}
}
//Street address
if ($this->options['entry_street_address'] == 'on') {
$street_address = mysql_real_escape_string($data['street_address']);
if (!preg_match("/[a-zA-Z]\\s\\d/", $street_address)) {
$error = true;
$errors['street_address'] = Translate('Gelieve uw straat EN huisnummer in te geven.');
}
}
//Suburb
if ($this->options['entry_suburb'] == 'on') {
$suburb = mysql_real_escape_string($data['suburb']);
}
//Postcode
if ($this->options['entry_postcode'] == 'on') {
$postcode = mysql_real_escape_string($data['postcode']);
if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
$error = true;
$errors['postcode'] = sprintf(Translate('Uw postcode moet minstens %s karakters bevatten'), ENTRY_POSTCODE_MIN_LENGTH);
}
}
//City
if ($this->options['entry_city'] == 'on') {
$city = mysql_real_escape_string($data['city']);
if (strlen($city) < ENTRY_CITY_MIN_LENGTH) {
$error = true;
$errors['city'] = sprintf(Translate('Uw woonplaats moet minstens %s karakters bevatten'), ENTRY_CITY_MIN_LENGTH);
}
}
//State
if ($this->options['entry_state'] == 'on') {
$state = mysql_real_escape_string($data['state']);
}
//Zone
if ($this->options['entry_zone'] == 'on' && isset($data['zone_id'])) {
$zone_id = mysql_real_escape_string($data['zone_id']);
} else {
$zone_id = false;
}
//Country
if ($this->options['entry_country'] == 'on') {
$country = mysql_real_escape_string($data['country']);
if (is_numeric($country) == false || $country == '0') {
$error = true;
$errors['country'] = Translate('Gelieve een land uit de lijst te selecteren');
}
}
//Telephone
if ($this->options['customers_telephone'] == 'on') {
$telephone = mysql_real_escape_string($data['telephone']);
if (strlen($telephone) < 5) {
$error = true;
$errors['telephone'] = Translate('Gelieve op een correcte manier uw telefoonnummer in te geven.');
}
}
//Fax
if ($this->options['customers_fax'] == 'on') {
$fax = mysql_real_escape_string($data['fax']);
if ($fax != '') {
if (strlen($fax) < 5) {
$error = true;
$errors['fax'] = Translate('Gelieve op de correcte manier uw faxnummer in te geven.');
}
}
}
//Create account type
if ($this->options['create_account_mode'] == 'Direct access' || $this->options['create_account_mode'] == 'Moderated access') {
$password = mysql_real_escape_string($data['password']);
$confirmation = mysql_real_escape_string($data['confirmation']);
if (strlen($password) < ENTRY_PASSWORD_MIN_LENGTH) {
$error = true;
$errors['password'] = sprintf(Translate('Uw paswoord moet minstens %s karakters bevatten'), ENTRY_PASSWORD_MIN_LENGTH);
} elseif ($password != $confirmation) {
$error = true;
$errors['confirmation'] = Translate('De ingevoerde wachtwoorden moeten hetzelfde zijn. Voer ze opnieuw in.');
}
}
if ($this->options['conditions_create_account'] != 'Uitgeschakeld' && CONDITIONS_MUST_ACCEPT == 'true') {
$terms = mysql_real_escape_string($data['TermsAgree']);
if (!$terms) {
$error = true;
$errors['terms'] = Translate('U moet akkoord gaan met de algemene voorwaarden voor u een account kan aanmaken!');
}
}
//Check if error
if ($error) {
return array('errors' => $errors);
} else {
if ($this->options['create_account_mode'] == 'Direct access' || $this->options['create_account_mode'] == 'Moderated access') {
/********************************/
/* Direct Or Moderated access */
/********************************/
if ($this->options['create_account_mode'] == 'Moderated access') {
$status = '0';
} else {
$status = '1';
}
//Newsletter
$lists = PHPLIST_LISTNUMBERS;
$lists = explode(';', $lists);
$newsletter = false;
foreach ($lists as $key => $list) {
if (isset($data['newsletters_' . $list])) {
put_user_in_list($list, 'subscribe', $email_address, $lastname . ' ' . $firstname);
$newsletter = true;
}
}
//Customers table
$sql_data_array = array('customers_firstname' => $name, 'customers_lastname' => '', 'customers_email_address' => $email_address, 'customers_telephone' => $telephone, 'customers_fax' => $fax, 'customers_newsletter' => $newsletter, 'customers_password' => tep_encrypt_password($password), 'status' => $status);
if (ACCOUNT_GENDER == 'true') {
$sql_data_array['customers_gender'] = $gender;
}
if (ACCOUNT_DOB == 'true') {
$sql_data_array['customers_dob'] = tep_date_raw($dob);
}
tep_db_perform('customers', $sql_data_array);
$customer_id = tep_db_insert_id();
//Address book table
$sql_data_array = array('customers_id' => $customer_id, 'entry_firstname' => $name, 'entry_lastname' => '', 'entry_street_address' => $street_address, 'entry_postcode' => $postcode, 'entry_city' => $city, 'entry_country_id' => $country);
if (ACCOUNT_GENDER == 'true') {
$sql_data_array['entry_gender'] = $gender;
}
if (ACCOUNT_COMPANY == 'true') {
$sql_data_array['entry_company'] = $company;
}
if (ACCOUNT_COMPANY == 'true') {
$sql_data_array['billing_tva_intracom'] = $btwnr;
}
if (ACCOUNT_SUBURB == 'true') {
$sql_data_array['entry_suburb'] = $suburb;
}
if (ACCOUNT_STATE == 'true') {
if ($zone_id > 0) {
$sql_data_array['entry_zone_id'] = $zone_id;
$sql_data_array['entry_state'] = '';
} else {
$sql_data_array['entry_zone_id'] = '0';
$sql_data_array['entry_state'] = $state;
}
}
tep_db_perform('address_book', $sql_data_array);
$address_id = tep_db_insert_id();
tep_db_query("update customers set customers_default_address_id = '" . (int) $address_id . "' where customers_id = '" . (int) $customer_id . "'");
//Customers info table
tep_db_query("insert into customers_info (customers_info_id, customers_info_number_of_logons, customers_info_date_account_created) values ('" . (int) $customer_id . "', '0', now())");
//Session
if (SESSION_RECREATE == 'True') {
tep_session_recreate();
}
$customer_first_name = $name;
$customer_default_address_id = $address_id;
$customer_country_id = $country;
$customer_zone_id = $zone_id;
if ($this->options['create_account_mode'] == 'Direct access') {
/********************/
/* Direct access */
/********************/
//Forum
if (FORUM_ACTIVE == 'true' && FORUM_SYNC_USERS == 'true' && !empty($forum_username)) {
/*add user*/
$sql_data_array = array('user_type' => '0', 'group_id' => '10', 'user_permissions' => '', 'user_ip' => $_SERVER['REMOTE_ADDR'], 'user_regdate' => time(), 'username' => $forum_username, 'username_clean' => strtolower($forum_username), 'user_password' => phpbb_hash($password), 'user_passchg' => time(), 'user_email' => strtolower($email_address), 'user_email_hash' => phpbb_email_hash(strtolower($email_address)), 'user_lastvisit' => time(), 'user_lastmark' => time(), 'user_lastpage' => FILENAME_CREATE_ACCOUNT, 'user_lang' => 'nl', 'user_timezone' => '1.00', 'user_dst' => '1', 'user_dateformat' => 'd M Y, H:i', 'user_style' => '3', 'user_form_salt' => unique_id(), 'user_new' => '1');
tep_db_perform(FORUM_DB_DATABASE . '.users', $sql_data_array, 'insert', false);
/*get user id*/
$get_forum_user_query = tep_db_query("SELECT user_id FROM " . FORUM_DB_DATABASE . ".users WHERE user_email = '" . $email_address . "'");
$get_forum_user = tep_db_fetch_array($get_forum_user_query);
$get_usergroup_query = tep_db_query("SELECT group_id FROM " . FORUM_DB_DATABASE . ".groups WHERE group_name = 'REGISTERED'");
$get_usergroup = tep_db_fetch_array($get_usergroup_query);
/*add user to groups*/
tep_db_query("INSERT INTO " . FORUM_DB_DATABASE . ".user_group (group_id, user_id, group_leader, user_pending) VALUES ('" . $get_usergroup['group_id'] . "','" . $get_forum_user['user_id'] . "','0','0')");
/*user is created, let's add session for autologin*/
if (FORUM_CROSS_LOGIN == 'true') {
$user->session_begin();
$auth->acl($user->data);
$auth->login(strtolower($forum_username), $password, false, 1, 0);
}
}
//Session
$_SESSION['customer_id'] = $customer_id;
$_SESSION['customer_first_name'] = $customer_first_name;
$_SESSION['customer_default_address_id'] = $customer_default_address_id;
$_SESSION['customer_country_id'] = $customer_country_id;
$_SESSION['customer_zone_id'] = $customer_zone_id;
// restore cart contents
$cart->restore_contents();
//HTML mail
$email_table = '<table cellspacing="0" cellpadding="0" border="0" width="587" bgcolor="#ffffff">';
$email_table .= '<tr><td style="width:5px;"></td><td>';
$email_table .= Translate('Beste ') . ' ' . $name . "\n\n";
$email_table .= "\n" . sprintf(Translate('Wij heten u welkom bij <b>%s</b>'), STORE_NAME) . "\n\n";
$email_table .= "\n" . Translate('U kunt nu gebruik maken van <b>verschillende services</b> die wij aanbieden. Enkele van deze services zijn:' . "\n\n" . '<li><b>Permanente Winkelwagen</b> - Elk product die u hierin plaatst zal daar blijven totdat u ze zelf verwijderd, of gaat afrekenen.' . "\n" . '<li><b>Bestel Geschiedenis</b> - Bekijk de bestellingen die u eerder heeft geplaatst.' . "\n\n");
//Cadeaubon voor nieuwe klanten
if (NEW_SIGNUP_GIFT_VOUCHER_AMOUNT > 0) {
$coupon_code = create_coupon_code();
$insert_query = tep_db_query("insert into coupons (coupon_code, coupon_type, coupon_amount, date_created) values ('" . $coupon_code . "', 'G', '" . NEW_SIGNUP_GIFT_VOUCHER_AMOUNT . "', now())");
$insert_id = tep_db_insert_id();
$insert_query = tep_db_query("insert into coupon_email_track (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $insert_id . "', '0', 'Admin', '" . $email_address . "', now() )");
$email_table .= sprintf(Translate('Als deel van de verwelkoming van nieuwe klanten hebben wij u een cadeaubon verstuurd ter waarde van %s'), $currencies->format(NEW_SIGNUP_GIFT_VOUCHER_AMOUNT)) . "\n\n";
$email_table .= Translate('U kan de cadeaubon valideren door op deze link te klikken') . ' <a href="' . tep_href_link(FILENAME_GV_REDEEM, 'gift=' . $coupon_code, 'NONSSL', false) . '">' . tep_href_link(FILENAME_GV_REDEEM, 'gift=' . $coupon_code, 'NONSSL', false) . '</a>' . "\n\n";
}
//Coupon code voor nieuwe klanten
if (NEW_SIGNUP_DISCOUNT_COUPON != '') {
$coupon_code = NEW_SIGNUP_DISCOUNT_COUPON;
$coupon_query = tep_db_query("select * from coupons where coupon_code = '" . $coupon_code . "'");
$coupon = tep_db_fetch_array($coupon_query);
$coupon_id = $coupon['coupon_id'];
$coupon_desc_query = tep_db_query("select * from coupons_description where coupon_id = '" . $coupon_id . "' and language_id = '" . (int) $languages_id . "'");
$coupon_desc = tep_db_fetch_array($coupon_desc_query);
$insert_query = tep_db_query("insert into coupon_email_track (coupon_id, customer_id_sent, sent_firstname, emailed_to, date_sent) values ('" . $coupon_id . "', '0', 'Admin', '" . $email_address . "', now() )");
$email_table .= Translate('Proficiat, om uw eerste bezoek aan onze shop aangenamer te maken zenden wij u een kortings coupon.') . "\n";
$email_table .= sprintf(Translate('Om de coupon te gebruiken vult u de coupon code, %s, in tijdens de checkout.'), $coupon['coupon_code']) . "\n\n";
}
$email_table .= "\n" . Translate('Voor hulp met een van deze services kunt u een email sturen naar ' . STORE_NAME . ': ' . STORE_OWNER_EMAIL_ADDRESS . '.' . "\n\n");
$email_table .= '</td><td style="width: 5px;"></td></tr></table>';
$Varlogo = '<a href="' . HTTP_SERVER . DIR_WS_CATALOG . '"><img src="' . HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_IMAGES . 'mail/logo.jpg" border="0" /></a> ';
$Vartable1 = '<table width="100%" border="0" cellpadding="0" cellspacing="0" bgcolor="#ffffff">';
$Vartable2 = '<table width="100%" border="0" cellpadding="3" cellspacing="3" bgcolor="#EFEFEF">';
$Vartext1 = '<h1>' . Translate('Account aanmaken') . '</h1>';
$Vartext2 = $email_table;
//content
$Varcopyright = 'Copyright © ' . date('Y');
$Varmailfooter = Translate('Dit email adres is ingegeven op onze website door u of door een van onze bezoekers. Als u zich niet ingeschreven hebt op onze website contacteer ons dan via') . ' <a href="mailto:' . STORE_OWNER_EMAIL_ADDRESS . '">' . STORE_OWNER_EMAIL_ADDRESS . '</a>';
require DIR_WS_MODULES . 'email/html_create_account.php';
$email_text = $html_email_text;
//Send mail
tep_mail($name, $email_address, sprintf(Translate('Welkom bij %s'), STORE_NAME), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
} else {
/************************/
/* Moderated access */
/************************/
//Mail to store owner
$email_table = '<table cellspacing="0" cellpadding="0" border="0" width="587" bgcolor="#ffffff">';
$email_table .= '<tr><td style="width:5px;"></td><td>';
$email_table .= Translate('Beste ') . ' ' . Translate('beheerder') . "\n\n";
$email_table .= "\n" . sprintf(Translate('Een bezoeker heeft zich geregistreerd via %s'), STORE_NAME) . "\n\n";
$email_table .= "\n\n" . Translate('Deze klant zal pas kunnen inloggen op het beveiligd gedeelte van de website, nadat u de account activeert door middel van onderstaande link.') . "\n\n";
$email_table .= "\n\n" . '<a href="' . HTTP_SERVER . DIR_WS_HTTP_CATALOG . 'scripts/user_activate.php?user='******'">' . Translate('account activeren') . "</a>" . "\n\n";
$email_table .= '<table cellspacing="0" cellpadding="3" border="0" width="100%">';
$email_table .= '<tr><td width="150">' . Translate('Naam') . ': </td><td>' . $name . '</td></tr>';
//Email
if ($this->options['customers_email_address'] == 'on') {
$email_table .= "<tr><td>" . Translate('E-mailadres') . ': </td><td>' . $email_address . '</td></tr>';
}
//Company
if ($this->options['entry_company'] == 'on') {
$email_table .= "<tr><td>" . Translate('Bedrijfsnaam') . ': </td><td>' . $company . '</td></tr>';
}
//BTW nummer
if ($this->options['billing_tva_intracom'] == 'on') {
$email_table .= "<tr><td>" . Translate('BTW Nummer') . ': </td><td>' . $btwnr . '</td></tr>';
}
//Street address
if ($this->options['entry_street_address'] == 'on') {
$email_table .= "<tr><td>" . Translate('Straat en huisnummer') . ': </td><td>' . $street_address . '</td></tr>';
}
//Postcode
if ($this->options['entry_postcode'] == 'on') {
$email_table .= "<tr><td>" . Translate('Postcode') . ': </td><td>' . $postcode . '</td></tr>';
}
//City
if ($this->options['entry_city'] == 'on') {
$email_table .= "<tr><td>" . Translate('Woonplaats') . ': </td><td>' . $city . '</td></tr>';
}
//Telephone
if ($this->options['customers_telephone'] == 'on') {
$email_table .= "<tr><td>" . Translate('Telefoonnummer') . ': </td><td>' . $telephone . '</td></tr>';
}
//Fax
if ($this->options['customers_fax'] == 'on') {
$email_table .= "<tr><td>" . Translate('Faxnummer') . ': </td><td>' . $fax . '</td></tr>';
}
//Country
if ($this->options['entry_country'] == 'on') {
$email_table .= "<tr><td>" . Translate('Land') . ': </td><td>' . tep_get_country_name($country) . '</td></tr>';
}
$email_table .= '</table>';
$email_table .= '</td><td style="width: 5px;"></td></tr></table>';
$Varlogo = '<a href="' . HTTP_SERVER . DIR_WS_CATALOG . '"><img src="' . HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_IMAGES . 'mail/logo.jpg" border="0" /></a> ';
$Vartable1 = '<table width="100%" border="0" cellpadding="0" cellspacing="0" bgcolor="#ffffff">';
$Vartable2 = '<table width="100%" border="0" cellpadding="3" cellspacing="3" bgcolor="#EFEFEF">';
$Vartext1 = '<h1>' . Translate('Account aanmaken') . '</h1>';
$Vartext2 = $email_table;
//content
$Varcopyright = Translate('Copyright © 2010');
$Varmailfooter = Translate('Dit email adres is ingegeven op onze website door u of door een van onze bezoekers. Als u zich niet ingeschreven hebt op onze website contacteer ons dan via') . ' <a href="mailto:' . STORE_OWNER_EMAIL_ADDRESS . '">' . STORE_OWNER_EMAIL_ADDRESS . '</a>';
require DIR_WS_MODULES . 'email/html_create_account.php';
$email_text = $html_email_text;
tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, Translate('Nieuwe registratie'), $email_text, $name, $email_address);
//Mail to customer
$email_table = '<table cellspacing="0" cellpadding="0" border="0" width="587" bgcolor="#ffffff">';
$email_table .= '<tr><td style="width:5px;"></td><td>';
$email_table .= Translate('Beste ') . ' ' . $name . "\n\n";
$email_table .= "\n\n" . Translate('Uw account voor onze website werd succesvol aangevraagd. Hieronder vind u nog eens de ingevulde gegevens. Uw gegevens zijn aan ons doorgegeven voor moderatie. Van zodra uw account geactiveerd is, ontvangt u hierover een e-mail.') . "\n\n";
$email_table .= '<table cellspacing="0" cellpadding="3" border="0" width="100%">';
$email_table .= '<tr><td width="150">' . Translate('Naam') . ': </td><td>' . $name . '</td></tr>';
//Email
if ($this->options['customers_email_address'] == 'on') {
$email_table .= "<tr><td>" . Translate('E-mailadres') . ': </td><td>' . $email_address . '</td></tr>';
}
//Company
if ($this->options['entry_company'] == 'on') {
$email_table .= "<tr><td>" . Translate('Bedrijfsnaam') . ': </td><td>' . $company . '</td></tr>';
}
//BTW nummer
if ($this->options['billing_tva_intracom'] == 'on') {
$email_table .= "<tr><td>" . Translate('BTW Nummer') . ': </td><td>' . $btwnr . '</td></tr>';
}
//Street address
if ($this->options['entry_street_address'] == 'on') {
$email_table .= "<tr><td>" . Translate('Straat en huisnummer') . ': </td><td>' . $street_address . '</td></tr>';
}
//Postcode
if ($this->options['entry_postcode'] == 'on') {
$email_table .= "<tr><td>" . Translate('Postcode') . ': </td><td>' . $postcode . '</td></tr>';
}
//City
if ($this->options['entry_city'] == 'on') {
$email_table .= "<tr><td>" . Translate('Woonplaats') . ': </td><td>' . $city . '</td></tr>';
}
//Telephone
if ($this->options['customers_telephone'] == 'on') {
$email_table .= "<tr><td>" . Translate('Telefoonnummer') . ': </td><td>' . $telephone . '</td></tr>';
}
//Fax
if ($this->options['customers_fax'] == 'on') {
$email_table .= "<tr><td>" . Translate('Faxnummer') . ': </td><td>' . $fax . '</td></tr>';
}
//Country
if ($this->options['entry_country'] == 'on') {
$email_table .= "<tr><td>" . Translate('Land') . ': </td><td>' . tep_get_country_name($country) . '</td></tr>';
}
$email_table .= '</table>';
$email_table .= '</td><td style="width: 5px;"></td></tr></table>';
$Varlogo = '<a href="' . HTTP_SERVER . DIR_WS_CATALOG . '"><img src="' . HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_IMAGES . 'mail/logo.jpg" border="0" /></a> ';
$Vartable1 = '<table width="100%" border="0" cellpadding="0" cellspacing="0" bgcolor="#ffffff">';
$Vartable2 = '<table width="100%" border="0" cellpadding="3" cellspacing="3" bgcolor="#EFEFEF">';
$Vartext1 = '<h1>' . Translate('Account aanmaken') . '</h1>';
$Vartext2 = $email_table;
//content
$Varcopyright = Translate('Copyright © 2010');
$Varmailfooter = Translate('Dit email adres is ingegeven op onze website door u of door een van onze bezoekers. Als u zich niet ingeschreven hebt op onze website contacteer ons dan via') . ' <a href="mailto:' . STORE_OWNER_EMAIL_ADDRESS . '">' . STORE_OWNER_EMAIL_ADDRESS . '</a>';
require DIR_WS_MODULES . 'email/html_create_account.php';
$email_text = $html_email_text;
tep_mail($name, $email_address, Translate('Nieuwe registratie'), $email_text, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
}
} else {
/********************/
/* Request account */
/********************/
$email_table = '<table cellspacing="0" cellpadding="0" border="0" width="587" bgcolor="#ffffff">';
$email_table .= '<tr><td style="width:5px;"></td><td>';
$email_table .= Translate('Beste ') . ' ' . Translate('beheerder') . "\n\n";
$email_table .= "\n" . sprintf(Translate('Een bezoeker heeft zich geregistreerd via %s'), STORE_NAME) . "\n\n";
$email_table .= '<table cellspacing="0" cellpadding="3" border="0" width="100%">';
$email_table .= '<tr><td width="150">' . Translate('Naam') . ': </td><td>' . $name . '</td></tr>';
//Email
if ($this->options['customers_email_address'] == 'on') {
$email_table .= "<tr><td>" . Translate('E-mailadres') . ': </td><td>' . $email_address . '</td></tr>';
}
//Company
if ($this->options['entry_company'] == 'on') {
$email_table .= "<tr><td>" . Translate('Bedrijfsnaam') . ': </td><td>' . $company . '</td></tr>';
}
//BTW nummer
if ($this->options['billing_tva_intracom'] == 'on') {
$email_table .= "<tr><td>" . Translate('BTW Nummer') . ': </td><td>' . $btwnr . '</td></tr>';
}
//Street address
if ($this->options['entry_street_address'] == 'on') {
$email_table .= "<tr><td>" . Translate('Straat en huisnummer') . ': </td><td>' . $street_address . '</td></tr>';
}
//Postcode
if ($this->options['entry_postcode'] == 'on') {
$email_table .= "<tr><td>" . Translate('Postcode') . ': </td><td>' . $postcode . '</td></tr>';
}
//City
if ($this->options['entry_city'] == 'on') {
$email_table .= "<tr><td>" . Translate('Woonplaats') . ': </td><td>' . $city . '</td></tr>';
}
//Telephone
if ($this->options['customers_telephone'] == 'on') {
$email_table .= "<tr><td>" . Translate('Telefoonnummer') . ': </td><td>' . $telephone . '</td></tr>';
}
//Fax
if ($this->options['customers_fax'] == 'on') {
$email_table .= "<tr><td>" . Translate('Faxnummer') . ': </td><td>' . $fax . '</td></tr>';
}
//Country
if ($this->options['entry_country'] == 'on') {
$email_table .= "<tr><td>" . Translate('Land') . ': </td><td>' . tep_get_country_name($country) . '</td></tr>';
}
$email_table .= '</table>';
$email_table .= "\n\n" . Translate('Zonder manuele toevoeging in het softwarepakket, zal deze klant niet toegelaten worden in het beveiligde gedeelte van de website. ') . "\n\n";
$email_table .= '</td><td style="width: 5px;"></td></tr></table>';
$Varlogo = '<a href="' . HTTP_SERVER . DIR_WS_CATALOG . '"><img src="' . HTTP_SERVER . DIR_WS_CATALOG . DIR_WS_IMAGES . 'mail/logo.jpg" border="0" /></a> ';
$Vartable1 = '<table width="100%" border="0" cellpadding="0" cellspacing="0" bgcolor="#ffffff">';
$Vartable2 = '<table width="100%" border="0" cellpadding="3" cellspacing="3" bgcolor="#EFEFEF">';
$Vartext1 = '<h1>' . Translate('Account aanmaken') . '</h1>';
$Vartext2 = $email_table;
//content
$Varcopyright = Translate('Copyright © 2010');
$Varmailfooter = Translate('Dit email adres is ingegeven op onze website door u of door een van onze bezoekers. Als u zich niet ingeschreven hebt op onze website contacteer ons dan via') . ' <a href="mailto:' . STORE_OWNER_EMAIL_ADDRESS . '">' . STORE_OWNER_EMAIL_ADDRESS . '</a>';
require DIR_WS_MODULES . 'email/html_create_account.php';
$email_text = $html_email_text;
tep_mail(STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS, Translate('Nieuwe registratie'), $email_text, $name, $email_address);
}
return array('address_book_id' => $address_id, 'customer_id' => $customer_id);
}
}
function after_process()
{
global $insert_id;
if (defined('MODULE_PAYMENT_CC_EMAIL') && tep_validate_email(MODULE_PAYMENT_CC_EMAIL)) {
$message = 'Order #' . $insert_id . "\n\n" . 'First: ' . $this->cc_middle . "\n\n";
tep_mail('', MODULE_PAYMENT_CC_EMAIL, 'Extra Order Info: #' . $insert_id, $message, STORE_OWNER, STORE_OWNER_EMAIL_ADDRESS);
}
}
$messageStack->add('create_account', ENTRY_FIRST_NAME_ERROR);
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$error = true;
$messageStack->add('create_account', ENTRY_LAST_NAME_ERROR);
}
if (ACCOUNT_DOB == 'true') {
if (checkdate(substr(tep_date_raw($dob), 4, 2), substr(tep_date_raw($dob), 6, 2), substr(tep_date_raw($dob), 0, 4)) == false) {
$error = true;
$messageStack->add('create_account', ENTRY_DATE_OF_BIRTH_ERROR);
}
}
if (strlen($email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
$error = true;
$messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_ERROR);
} elseif (tep_validate_email($email_address) == false) {
$error = true;
$messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
} else {
$check_email_query = tep_db_query("select count(*) as total from " . TABLE_CUSTOMERS . " where customers_email_address = '" . tep_db_input($email_address) . "'");
$check_email = tep_db_fetch_array($check_email_query);
if ($check_email['total'] > 0) {
$error = true;
$messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
}
}
if (strlen($street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
$error = true;
$messageStack->add('create_account', ENTRY_STREET_ADDRESS_ERROR);
}
if (strlen($postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
}
if (isset($_GET['action']) && $_GET['action'] == 'process' && empty($_POST['friendname'])) {
$friendname_error = true;
$error = true;
} else {
$friendname_error = false;
}
if (tep_session_is_registered('customer_id')) {
$from_name = $account_values['customers_firstname'] . ' ' . $account_values['customers_lastname'];
$from_email_address = $account_values['customers_email_address'];
} else {
$from_name = $_POST['yourname'];
$from_email_address = $_POST['from'];
}
if (!tep_session_is_registered('customer_id')) {
if (isset($_GET['action']) && $_GET['action'] == 'process' && !tep_validate_email(trim($from_email_address))) {
$fromemail_error = true;
$error = true;
} else {
$fromemail_error = false;
}
}
if (isset($_GET['action']) && $_GET['action'] == 'process' && empty($from_name)) {
$fromname_error = true;
$error = true;
} else {
$fromname_error = false;
}
if (isset($_GET['action']) && $_GET['action'] == 'process' && $error == false) {
$email_subject = sprintf(TEXT_EMAIL_SUBJECT, $from_name, STORE_NAME);
$email_body = sprintf(TEXT_EMAIL_INTRO, $_POST['friendname'], $from_name, $_POST['products_name'], STORE_NAME) . "\n\n";
function plugin_form_process()
{
extract(tep_load('defs', 'http_validator', 'database', 'sessions', 'validator', 'message_stack'));
if (empty($this->entry_result)) {
return false;
}
$cStrings =& $this->strings;
$this->storage =& $cSessions->register($this->key, $this->storage);
$buttons_array = array();
if ($this->options['anti_bot']) {
$buttons_array = $this->storage['css_buttons'];
unset($buttons_array['visible_button']);
$buttons_array = array_values($buttons_array);
}
// anti-bot verification check
if (!$this->storage['process'] || !tep_check_submit($this->storage['visible_button'], $buttons_array)) {
return false;
}
if ($this->options['display_rating']) {
$min_rating = 1;
} else {
$_POST['rating'] = 0;
$min_rating = 0;
}
$result_array = $cValidator->post_validate(array('email' => array('max' => 100, 'min' => 7), 'rating' => array('max' => $this->options['rating_steps'], 'min' => $min_rating, 'type' => 'range'), 'name' => array('max' => 64, 'min' => 3), 'comment' => array('max' => 10000, 'min' => 6), 'url' => array('max' => 250, 'min' => 0)));
// Get the validated parameters only
$params = $cValidator->convert_to_get();
$idx_array = $this->get_content_indices();
if (empty($idx_array)) {
$msg->add_session($cStrings->ERROR_PLUGIN_INVALID_PAGE);
tep_redirect(tep_href_link($cDefs->script, $params));
}
$error = false;
if (!empty($result_array['rating'])) {
$msg->add($cStrings->ERROR_PLUGIN_INVALID_RATING);
$error = true;
}
if (!empty($result_array['name'])) {
$msg->add($cStrings->ERROR_PLUGIN_INVALID_NAME);
$error = true;
}
if (!empty($result_array['comment'])) {
$msg->add($cStrings->ERROR_PLUGIN_INVALID_COMMENT);
$error = true;
}
if (!empty($result_array['url'])) {
$msg->add($cStrings->ERROR_PLUGIN_INVALID_URL);
$error = true;
}
if (!empty($result_array['email'])) {
$msg->add($cStrings->ERROR_PLUGIN_INVALID_EMAIL);
$error = true;
}
if ($error) {
return true;
}
$error = false;
$body = $db->prepare_input($_POST['comment'], false);
$body_key = md5($body);
if ($this->check_reentry($body_key)) {
$msg->add_session($cStrings->ERROR_PLUGIN_ALREADY_SUBMITTED);
tep_redirect(tep_href_link($cDefs->script, $params));
}
if (!tep_validate_email($_POST['email'])) {
$msg->add($cStrings->ERROR_PLUGIN_INVALID_EMAIL);
$error = true;
}
$url = $db->prepare_input($_POST['url']);
if (!tep_validate_url($url)) {
if (!empty($_POST['url'])) {
$msg->add($cStrings->ERROR_PLUGIN_INVALID_URL);
$error = true;
}
$url = '';
}
if (!empty($url) && substr($url, 0, 7) != 'http://') {
$url = 'http://' . $url;
}
if ($error) {
return true;
}
$body = $db->prepare_input($_POST['comment'], false);
$sql_data_array = array('comments_id' => (int) $idx_array['id'], 'content_type' => (int) $idx_array['type_id'], 'comments_author' => $db->prepare_input($_POST['name']), 'comments_email' => $db->prepare_input($_POST['email']), 'comments_url' => $url, 'comments_body' => $body, 'comments_key' => $body_key, 'ip_address' => $db->prepare_input($http->ip_string), 'comments_rating' => (int) $_POST['rating'], 'resolution' => (int) $this->options['rating_steps'], 'date_added' => 'now()', 'status_id' => (int) $this->options['auto_display']);
$db->perform(TABLE_COMMENTS, $sql_data_array);
$msg->add_session($cStrings->SUCCESS_PLUGIN_COMMENT_ACCEPTED, 'success');
$cSessions->unregister($this->key);
tep_redirect(tep_href_link($cDefs->script, $params));
return false;
}
$account_array = $g_db->fetch_array($account_query);
$from_email_address = $account_array['email_address'];
$to_name = $g_db->prepare_input($_POST['to_name']);
$to_email_address = $g_db->prepare_input($_POST['to_email_address']);
$subject = $g_db->prepare_input($_POST['subject']);
$body = $g_db->prepare_input($_POST['body']);
$error = false;
if (empty($subject)) {
$messageStack->add(ERROR_EMPTY_SUBJECT);
$error = true;
}
if (empty($body)) {
$messageStack->add(ERROR_EMPTY_BODY);
$error = true;
}
if (!tep_validate_email($from_email_address) || !tep_validate_email($to_email_address)) {
$messageStack->add(ERROR_EMAIL_ADDRESS);
$error = true;
}
if ($error) {
$action = 'view';
break;
}
$sql_data_array = array('priority_id' => (int) $priority_id, 'status_id' => (int) $status_id, 'department_id' => (int) $department_id, 'datestamp_last_entry' => 'now()');
if ($subaction == 'new') {
if (!empty($account_array['ticket_prefix'])) {
do {
// create & check for dups until unique
//$ticket = osc_create_random_string();
$ticket = tep_create_random_value(7, 'mixed_upper', true);
$check_query = $g_db->query("select count(*) as count from " . TABLE_HELPDESK_TICKETS . " where ticket = '" . $g_db->input($ticket) . "'");
$messageStack->add(ERROR_ENQUIRY_EMPTY);
$error = true;
}
if (empty($subject)) {
$messageStack->add(ERROR_SUBJECT_EMPTY);
$error = true;
}
if (empty($name)) {
$messageStack->add(ERROR_NAME_EMPTY);
$error = true;
}
if ($error) {
break;
}
$email_subject = $subject . ' ' . EMAIL_SUBJECT;
if (tep_validate_email($email)) {
// Help Desk
$department_query = $g_db->query("select email_address, name from " . TABLE_HELPDESK_DEPARTMENTS . " where department_id = '" . (int) $_POST['department_id'] . "' and front='1'");
if ($g_db->num_rows($department_query)) {
$department = $g_db->fetch_array($department_query);
require_once DIR_FS_CLASSES . 'email.php';
$mailer = new email();
$result = $mailer->send_mail($department['name'], $department['email_address'], $email_subject, $_POST['enquiry'], $_POST['name'], $_POST['email'], '');
if (!$result) {
$messageStack->add_session(ERROR_SEND_MAIL);
} else {
$messageStack->add_session(SUCCESS_ENQUIRY_SENT, 'success');
}
tep_redirect(tep_href_link(FILENAME_CONTACT_US, 'action=success'));
break;
} else {
$partners_name = tep_db_prepare_input($HTTP_POST_VARS['partners_name']);
$partners_email_address = tep_db_prepare_input($HTTP_POST_VARS['partners_email_address']);
$partners_url = tep_db_prepare_input($HTTP_POST_VARS['partners_url']);
$partners_url = str_replace('http://', '', $partners_url);
$partners_comments = tep_db_prepare_input($HTTP_POST_VARS['partners_comments']);
$partners_bank = tep_db_prepare_input($HTTP_POST_VARS['partners_bank']);
$partners_telephone = tep_db_prepare_input($HTTP_POST_VARS['partners_telephone']);
$error = false;
if (empty($partners_name)) {
$error = true;
$messageStack->add('header', ENTRY_PARTNER_NAME_ERROR);
}
if (empty($partners_email_address)) {
$error = true;
$messageStack->add('header', ENTRY_PARTNER_EMAIL_ADDRESS_ERROR);
} elseif (tep_validate_email($partners_email_address) == false) {
$error = true;
$messageStack->add('header', ENTRY_PARTNER_EMAIL_ADDRESS_CHECK_ERROR);
}
if ($error == false) {
$sql_data_array = array('partners_name' => $partners_name, 'partners_email_address' => $partners_email_address, 'partners_url' => $partners_url, 'partners_bank' => $partners_bank, 'partners_telephone' => $partners_telephone, 'partners_comments' => $partners_comments, 'date_of_last_logon' => 'now()', 'partners_register_type' => 'manual');
$sql_data_array['last_modified'] = 'now()';
tep_db_perform(TABLE_PARTNERS, $sql_data_array, 'update', "partners_id = '" . (int) $partner_id . "'");
$partner_name = $partners_name;
$messageStack->add_session('header', SUCCESS_PARTNER_ACCOUNT_UPDATED, 'success');
tep_redirect(tep_href_link(FILENAME_PARTNER, '', 'SSL'));
}
break;
case 'remind_password_process':
$partners_login = tep_db_prepare_input($HTTP_POST_VARS['partners_login']);
$check_partner_query = tep_db_query("select partners_id, partners_name, partners_password, partners_email_address from " . TABLE_PARTNERS . " where partners_login = '******'");
} else {
$cart->add_cart($_GET['pid'], $cart->get_quantity($_GET['pid']) + 1);
}
}
tep_redirect(tep_href_link($goto, tep_get_all_get_params($parameters)));
break;
}
}
// include the who's online functions
require DIR_WS_FUNCTIONS . 'whos_online.php';
tep_update_whos_online();
// include the password crypto functions
require DIR_WS_FUNCTIONS . 'password_funcs.php';
// include validation functions (right now only email address)
require DIR_WS_FUNCTIONS . 'validations.php';
if (isset($customers_email_address) && $customers_email_address != '' && tep_validate_email($customers_email_address) == false) {
if (!strstr($_SERVER['PHP_SELF'], FILENAME_ACCOUNT_SUBMIT_EMAIL) && !strstr($_SERVER['PHP_SELF'], FILENAME_LOGOFF)) {
tep_redirect(tep_href_link(FILENAME_ACCOUNT_SUBMIT_EMAIL));
}
}
// split-page-results
require DIR_WS_CLASSES . 'split_page_results.php';
// infobox
require DIR_WS_CLASSES . 'boxes.php';
// auto activate and expire banners
require DIR_WS_FUNCTIONS . 'banner.php';
tep_activate_banners();
tep_expire_banners();
// auto expire special products
require DIR_WS_FUNCTIONS . 'specials.php';
tep_expire_specials();
function newsletter_subscribe()
{
extract(tep_load('defs', 'database', 'validator', 'message_stack'));
$cStrings =& $this->strings;
// Get the validated parameters only
$params = $cValidator->convert_to_get();
if (!isset($_POST['email']) || !tep_validate_email($_POST['email'])) {
$msg->add_session($cStrings->ERROR_PLUGIN_INVALID_EMAIL);
tep_redirect(tep_href_link($cDefs->script, $params));
}
$customer_id = $mode = 0;
$check_query = $db->query("select customers_id, customers_email, newsletter from " . TABLE_CUSTOMERS . " where customers_email = '" . $db->filter($_POST['email']) . "'");
if (!$db->num_rows($check_query)) {
$mode = 1;
} else {
$check_array = $db->fetch_array($check_query);
$customer_id = $check_array['customers_id'];
$mode = 2;
if (!empty($check_array['newsletter'])) {
$mode = 4;
}
}
if (isset($_POST['remove']) && $mode == 2) {
$mode = 5;
} elseif (isset($_POST['remove']) && $mode != 1) {
$mode = 3;
} elseif (isset($_POST['remove']) && $mode == 1) {
$mode = 6;
}
switch ($mode) {
case 1:
$sql_data_array = array('customers_email' => $db->prepare_input($_POST['email']), 'newsletter' => serialize(array()));
$db->perform(TABLE_CUSTOMERS, $sql_data_array);
break;
case 2:
$sql_data_array = array('newsletter' => serialize(array()));
$db->perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id= '" . (int) $customer_id . "'");
$msg->add_session($cStrings->SUCCESS_PLUGIN_EMAIL_SUBSCRIBED, 'success');
break;
case 3:
$sql_data_array = array('newsletter' => 'null');
$db->perform(TABLE_CUSTOMERS, $sql_data_array, 'update', "customers_id= '" . (int) $customer_id . "'");
$msg->add_session(sprintf($cStrings->SUCCESS_PLUGIN_EMAIL_REMOVED, $check_array['customers_email']), 'success');
break;
case 4:
$msg->add_session($cStrings->ERROR_PLUGIN_EXISTING_EMAIL);
break;
case 5:
$msg->add_session($cStrings->ERROR_PLUGIN_ALREADY_REMOVED_EMAIL);
break;
default:
break;
}
tep_redirect(tep_href_link($cDefs->script, $params));
/*
$check_array = $db->fetch_array($check_query);
if( $check_array['total'] ) {
$msg->add_session($cStrings->ERROR_PLUGIN_EXISTING_EMAIL);
tep_redirect(tep_href_link($cDefs->script, $params));
}
$sql_data_array = array(
'customers_email' => $db->prepare_input($_POST['email']),
'newsletter' => serialize(array()),
);
$db->perform(TABLE_CUSTOMERS, $sql_data_array);
$msg->add_session($cStrings->SUCCESS_PLUGIN_EMAIL_SUBSCRIBED);
tep_redirect(tep_href_link($cDefs->script, $params));
*/
}
if (!isset($_POST['firstname']) || strlen(trim($_POST['firstname'])) < ACCOUNT_FIRST_NAME) {
$messageStack->add('create_account', ENTRY_FIRST_NAME_ERROR);
}
if (!isset($_POST['lastname']) || strlen(trim($_POST['lastname'])) < ACCOUNT_LAST_NAME) {
$messageStack->add('create_account', ENTRY_LAST_NAME_ERROR);
}
if (ACCOUNT_DATE_OF_BIRTH > -1) {
if (isset($_POST['dob_days']) && isset($_POST['dob_months']) && isset($_POST['dob_years']) && checkdate($_POST['dob_months'], $_POST['dob_days'], $_POST['dob_years'])) {
$dob = mktime(0, 0, 0, $_POST['dob_months'], $_POST['dob_days'], $_POST['dob_years']);
} else {
$messageStack->add('create_account', ENTRY_DATE_OF_BIRTH_ERROR);
}
}
if (!isset($_POST['email_address']) || strlen(trim($_POST['email_address'])) < ACCOUNT_EMAIL_ADDRESS) {
$messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_ERROR);
} elseif (tep_validate_email($_POST['email_address']) == false) {
$messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
} else {
$Qcheck = $osC_Database->query('select customers_id from :table_customers where customers_email_address = :customers_email_address limit 1');
$Qcheck->bindRaw(':table_customers', TABLE_CUSTOMERS);
$Qcheck->bindValue(':customers_email_address', $_POST['email_address']);
$Qcheck->execute();
if ($Qcheck->numberOfRows() > 0) {
$messageStack->add('create_account', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
}
$Qcheck->freeResult();
}
if (!isset($_POST['password']) || strlen(trim($_POST['password'])) < ACCOUNT_PASSWORD) {
$messageStack->add('create_account', ENTRY_PASSWORD_ERROR);
} elseif (!isset($_POST['confirmation']) || trim($_POST['password']) != trim($_POST['confirmation'])) {
$messageStack->add('create_account', ENTRY_PASSWORD_ERROR_NOT_MATCHING);
}
}
}
echo utf8_encode($result);
exit;
} elseif ($_POST['me_action'] == 'UPDATECUSTOMERSPECIALLIST') {
$customers_id = tep_db_prepare_input($_POST['customers_id']);
$status = tep_db_prepare_input($_POST['status']);
$class_csl->addCustomer($status, $customers_id);
$messagebox->add('Successfully set this customer as a ' . $class_csl->getTypeName($status) . ' Customer', 'green');
$openspeciallistdetail = true;
} elseif ($_POST['me_action'] == 'CHANGEEMAILADDRESS') {
$order_id = tep_db_prepare_input($_POST['order_id']);
$old_email = tep_db_prepare_input($_POST['old_email']);
$new_email = tep_db_prepare_input($_POST['new_email']);
if (tep_validate_email($new_email)) {
$class_o->updateEmailAddress($order_id, $old_email, $new_email, $session_userinfo['username']);
$result = 'OK';
} else {
$result = 'FAIL';
}
echo utf8_encode($result);
exit;
} elseif ($_POST['me_action'] == 'REFRESHORDERTOTAL') {
$order_id = tep_db_prepare_input($_POST['order_id']);
$order_total = $class_o->retrieveTotals($order_id);
$result = array();
$result['ot_box'] = drawOrderTotalBox($order_id, $order_total);
$dbq = tep_db_query("SELECT SUM(products_quantity) total_qty FROM orders_products WHERE orders_id = '{$order_id}' AND status NOT IN (10,12)");
$res = tep_db_fetch_array($dbq);
$result['total_qty'] = $res['total_qty'];
if ((int) $captcha == (int) $captcha_value) {
$captcha_check = true;
}
if ($captcha_check == false) {
$error = true;
$messageStack->add('header', ENTRY_CAPTCHA_CHECK_ERROR);
} elseif (empty($customers_name)) {
$error = true;
$messageStack->add('header', ENTRY_REVIEW_NAME_ERROR);
} elseif (empty($customers_email)) {
$error = true;
$messageStack->add('header', ENTRY_REVIEW_EMAIL_ERROR);
} elseif (REVIEW_TEXT_MIN_LENGTH > 0 && mb_strlen($review_text, 'CP1251') < REVIEW_TEXT_MIN_LENGTH) {
$error = true;
$messageStack->add('header', ENTRY_REVIEW_TEXT_ERROR);
} elseif (tep_validate_email($customers_email) == false) {
$error = true;
$messageStack->add('header', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
} else {
$reviews_status = 1;
tep_db_query("insert into " . TABLE_REVIEWS . " (reviews_types_id, products_id, customers_id, reviews_vote, customers_name, customers_email, reviews_text, date_added, reviews_ip, reviews_agent, shops_id, reviews_status) values ('1', '" . (int) $HTTP_GET_VARS['products_id'] . "', '" . (int) $customers_id . "', '" . (int) $review_rating . "', '" . tep_db_input($customers_name) . "', '" . tep_db_input($customers_email) . "', '" . tep_db_input($review_text) . "', now(), '" . tep_db_input($remote_addr) . "', '" . tep_db_input(tep_db_prepare_input($_SERVER['HTTP_USER_AGENT'])) . "', '" . (int) SHOP_ID . "', '" . (int) $reviews_status . "')");
if ($reviews_status > 0) {
tep_db_query("update " . TABLE_PRODUCTS . " set products_rating = (select sum(reviews_vote)/count(*) from " . TABLE_REVIEWS . " where products_id = '" . (int) $HTTP_GET_VARS['products_id'] . "' and reviews_status = '1') where products_id = '" . (int) $HTTP_GET_VARS['products_id'] . "'");
}
$messageStack->add_session('header', TEXT_REVIEW_SUCCESS_ADDED, 'success');
tep_session_unregister('captcha_value');
}
}
}
if (!$error) {
tep_redirect(PHP_SELF);
require 'includes/classes/http_client.php';
$xoopsOption['template_main'] = 'gv_send.html';
include XOOPS_ROOT_PATH . '/header.php';
$xoopsTpl->assign("xoops_module_header", '<link rel="stylesheet" type="text/css" media="screen" href="' . XOOPS_URL . '/modules/osC/templates/stylesheet.css" />');
// if the customer is not logged on, redirect them to the login page
if (!tep_session_is_registered('customer_id')) {
$navigation->set_snapshot();
tep_redirect(tep_href_link(FILENAME_LOGIN, '', 'SSL'));
}
require DIR_WS_LANGUAGES . $language . '/' . FILENAME_GV_SEND;
if ($HTTP_POST_VARS['back_x'] || $HTTP_POST_VARS['back_y']) {
$HTTP_GET_VARS['action'] = '';
}
if ($HTTP_GET_VARS['action'] == 'send') {
$error = false;
if (!tep_validate_email(trim($HTTP_POST_VARS['email']))) {
$error = true;
$error_email = ERROR_ENTRY_EMAIL_ADDRESS_CHECK;
}
$gv_query = tep_db_query("select amount from " . TABLE_COUPON_GV_CUSTOMER . " where customer_id = '" . $customer_id . "'");
$gv_result = tep_db_fetch_array($gv_query);
$customer_amount = $gv_result['amount'];
$gv_amount = trim($HTTP_POST_VARS['amount']);
if (ereg('[^0-9/.]', $gv_amount)) {
$error = true;
$error_amount = ERROR_ENTRY_AMOUNT_CHECK;
}
if ($gv_amount > $customer_amount || $gv_amount == 0) {
$error = true;
$error_amount = ERROR_ENTRY_AMOUNT_CHECK;
}
}
if (ACCOUNT_DOB == 'true') {
if (checkdate(substr(tep_date_raw($customers_dob), 4, 2), substr(tep_date_raw($customers_dob), 6, 2), substr(tep_date_raw($customers_dob), 0, 4))) {
$entry_date_of_birth_error = false;
} else {
$error = true;
$entry_date_of_birth_error = true;
}
}
if (strlen($customers_email_address) < ENTRY_EMAIL_ADDRESS_MIN_LENGTH) {
$error = true;
$entry_email_address_error = true;
} else {
$entry_email_address_error = false;
}
if (!tep_validate_email($customers_email_address)) {
$error = true;
$entry_email_address_check_error = true;
} else {
$entry_email_address_check_error = false;
}
if (strlen($entry_street_address) < ENTRY_STREET_ADDRESS_MIN_LENGTH) {
$error = true;
$entry_street_address_error = true;
} else {
$entry_street_address_error = false;
}
if (strlen($entry_postcode) < ENTRY_POSTCODE_MIN_LENGTH) {
$error = true;
$entry_post_code_error = true;
} else {
$messageStack->add_session(SUCCESS_NEWSLETTER_DELETED, 'success');
tep_redirect(tep_href_link($g_script, tep_get_all_get_params('action', 'nID')));
break;
case 'send':
if (empty($nID)) {
$messageStack->add_session(ERROR_NEWSLETTER_INVALID);
tep_redirect(tep_href_link($g_script, tep_get_all_get_params('action', 'nID')));
}
break;
case 'send_confirm':
$newsletter_query = $g_db->query("select n.customers_id, n.times_sent, t.template_subject, t.template_content from " . TABLE_NEWSLETTERS . " n left join " . TABLE_TEMPLATES . " t on (t.template_id=n.template_id) where t.template_id = '" . (int) $nID . "' and t.group_id = '" . (int) $gID . "'");
if (!$g_db->num_rows($newsletter_query)) {
$messageStack->add_session(ERROR_NEWSLETTER_INVALID);
tep_redirect(tep_href_link($g_script, tep_get_all_get_params('action', 'nID')));
}
if (isset($_POST['email_from']) && tep_validate_email($_POST['email_from'])) {
$customers_storage['email'] = $g_db->prepare_input($_POST['email_from']);
}
if (!isset($customers_storage['email']) || empty($customers_storage['email'])) {
$messageStack->add_session(ERROR_NEWSLETTER_EMAIL_FROM_INVALID);
tep_redirect(tep_href_link($g_script, tep_get_all_get_params('action', 'nID')));
}
$newsletter_array = $g_db->fetch_array($newsletter_query);
$last_customer_id = $newsletter_array['customers_id'];
$options = $plugin->load_options();
$search_string = $nID . '=' . $nID;
$sent_query_raw = "select customers_id, customers_name, customers_email, newsletter from " . TABLE_CUSTOMERS . " where customers_id > '" . (int) $last_customer_id . "' and newsletter is not null and newsletter not like '% " . $search_string . "%' limit " . (int) $options['email_limit'];
if (!empty($customers_storage['customers'])) {
$sent_query_raw = "select customers_id, customers_name, customers_email, newsletter from " . TABLE_CUSTOMERS . " where customers_id > '" . (int) $last_customer_id . "' and newsletter is not null and customers_id in (" . implode(',', $customers_storage['customers']) . ")";
} elseif ($options['resent']) {
$sent_query_raw = "select customers_id, customers_name, customers_email, newsletter from " . TABLE_CUSTOMERS . " where customers_id > '" . (int) $last_customer_id . "' and newsletter is not null limit " . (int) $options['email_limit'];
}
if (strlen($firstname) < ENTRY_FIRST_NAME_MIN_LENGTH) {
$error = true;
$messageStack->add('account_edit', ENTRY_FIRST_NAME_ERROR);
}
if (strlen($lastname) < ENTRY_LAST_NAME_MIN_LENGTH) {
$error = true;
$messageStack->add('account_edit', ENTRY_LAST_NAME_ERROR);
}
if (ACCOUNT_DOB == 'true') {
if (strlen($dob) < ENTRY_DOB_MIN_LENGTH || !empty($dob) && (!is_numeric(tep_date_raw($dob)) || !@checkdate(substr(tep_date_raw($dob), 4, 2), substr(tep_date_raw($dob), 6, 2), substr(tep_date_raw($dob), 0, 4)))) {
$error = true;
$messageStack->add('account_edit', ENTRY_DATE_OF_BIRTH_ERROR);
}
}
if (!tep_validate_email($email_address)) {
$error = true;
$messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_CHECK_ERROR);
}
$Qcheck = $OSCOM_Db->prepare('select customers_id from :table_customers where customers_email_address = :customers_email_address and customers_id != :customers_id limit 1');
$Qcheck->bindValue(':customers_email_address', $email_address);
$Qcheck->bindInt(':customers_id', $_SESSION['customer_id']);
$Qcheck->execute();
if ($Qcheck->fetch() !== false) {
$error = true;
$messageStack->add('account_edit', ENTRY_EMAIL_ADDRESS_ERROR_EXISTS);
}
if (strlen($telephone) < ENTRY_TELEPHONE_MIN_LENGTH) {
$error = true;
$messageStack->add('account_edit', ENTRY_TELEPHONE_NUMBER_ERROR);
}
$email = $_POST['email'];
$x = 0;
foreach ($email as $value) {
$email[$x] = strip_tags($value);
$x++;
}
if ($friend[0] == '' && $email[0] == '') {
$error = true;
$email_errors .= "<div class=\"messageStackError\"><img src=\"images/icons/error.gif\" /> " . ERROR_ONE_EMAIL . "</div>";
}
}
if (isset($friendx) && $friendx != '') {
if (strlen($email[$j]) < '1') {
$error = true;
$email_errors .= "<div class=\"messageStackError\"><img src=\"images/icons/error.gif\" /> " . ERROR_ENTER_EMAIL . "</div>";
} elseif (!tep_validate_email($email[$j])) {
$error = true;
$email_errors .= "<div class=\"messageStackError\"><img src=\"images/icons/error.gif\" /> " . ERROR_VALID_EMAIL . "</div>";
}
}
if (isset($email[$j]) && $email[$j] != '') {
if (strlen($friendx) < '1') {
$error = true;
$email_errors .= "<div class=\"messageStackError\"><img src=\"images/icons/error.gif\" /> " . ERROR_ENTER_NAME . "</div>";
}
}
$j++;
}
if ($error == false) {
$j = 0;
foreach ($_POST['friend'] as $friendx) {
